utm_proxy_exception – Create, update or destroy reverse_proxy exception entry in Sophos UTM

New in version 2.8.

Synopsis

  • Create, update or destroy a reverse_proxy exception entry in SOPHOS UTM.
  • This module needs to have the REST Ability of the UTM to be activated.

Parameters

Parameter Choices/Defaults Comments
headers
dictionary
A dictionary of additional headers to be sent to POST and PUT requests.
Is needed for some modules
name
string / required
The name of the object. Will be used to identify the entry
op
string
    Choices:
  • AND ←
  • OR
The operand to be used with the entries of the path parameter
path
list
Default:
[]
The paths the exception in the reverse proxy is defined for
skip_custom_threats_filters
list
Default:
[]
A list of threats to be skipped
skip_threats_filter_categories
list
Default:
[]
Define which categories of threats are skipped
skipav
boolean
    Choices:
  • no ←
  • yes
Skip the Antivirus Scanning
skipbadclients
boolean
    Choices:
  • no ←
  • yes
Block clients with bad reputation
skipcookie
boolean
    Choices:
  • no ←
  • yes
Skip the Cookie Signing check
skipform
boolean
    Choices:
  • no ←
  • yes
Enable form hardening
skipform_missingtoken
boolean
    Choices:
  • no ←
  • yes
Enable form hardening with missing tokens
skiphtmlrewrite
boolean
    Choices:
  • no ←
  • yes
Protection against SQL
skiptft
boolean
    Choices:
  • no ←
  • yes
Enable true file type control
skipurl
boolean
    Choices:
  • no ←
  • yes
Enable static URL hardening
source
list
Default:
[]
Define which categories of threats are skipped
state
string
    Choices:
  • absent
  • present ←
The desired state of the object.
present will create or update an object
absent will delete an object if it was present
status
boolean
    Choices:
  • no
  • yes ←
Status of the exception rule set
utm_host
string / required
The REST Endpoint of the Sophos UTM.
utm_port
integer
Default:
4444
The port of the REST interface.
utm_protocol
string
    Choices:
  • http
  • https ←
The protocol of the REST Endpoint.
utm_token
string / required
validate_certs
boolean
    Choices:
  • no
  • yes ←
Whether the REST interface's ssl certificate should be verified or not.

Examples

- name: Create UTM proxy_exception
  utm_proxy_exception:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestExceptionEntry
    backend: REF_OBJECT_STRING
    state: present

- name: Remove UTM proxy_exception
  utm_proxy_exception:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestExceptionEntry
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
result
complex
success
The utm object that was created

  _locked
boolean
Whether or not the object is currently locked

  _ref
string
The reference name of the object

  _type
string
The type of the object

  comment
-
The optional comment string

  name
string
The name of the object

  op
string
The operand to be used with the entries of the path parameter

  path
array
The paths the exception in the reverse proxy is defined for

  skip_custom_threats_filters
array
A list of threats to be skipped

  skip_threats_filter_categories
array
Define which categories of threats are skipped

  skipav
boolean
Skip the Antivirus Scanning

  skipbadclients
boolean
Block clients with bad reputation

  skipcookie
boolean
Skip the Cookie Signing check

  skipform
boolean
Enable form hardening

  skipform_missingtoken
boolean
Enable form hardening with missing tokens

  skiphtmlrewrite
boolean
Protection against SQL

  skiptft
boolean
Enable true file type control

  skipurl
boolean
Enable static URL hardening

  source
array
Define which categories of threats are skipped



Status

Authors

  • Sebastian Schenzel (@RickS-C137)

Hint

If you notice any issues in this documentation, you can edit this document to improve it.